Gossamer Forum
Home : Products : DBMan SQL : Discussion :

different access restrictions for one user table

Quote Reply
different access restrictions for one user table
Hi,

Is it possible to have one user table and give people different access rules for the different tables. For example, I have 60 users. I would like to give the read only access to table A (the data is generated by external scripts) but read/write access to table B (which is maintained by the users). I don't want to make two table groups as that would involve too much update time.

Sorry for not finding this in the forum.Crazy I hope someone can help me along...

Jasper

http://www.bookings.org
Quote Reply
Re: [jaspercram] different access restrictions for one user table In reply to
Hopefully a staff person will correct me if I'm wrong, but I don't believe this is currently possible with the standard setup. I know with plain old flatfile DBMan there is a multiple permissions mod that may address this issue (I know the mod exists - just not exactly sure what it does). But very few if any of those mods have been ported to DBManSQL.

Does the information in table A need to be password protected, or is it viewable by the general public? If the latter is the case, then a workaround solution might be to set table A to allow view-only access to a default user, and then don't assign a users table that provides any additional (e.g. add/modify/delete) access to non-admin users. Then anyone can view those records, but only an "admin" user (as defined by you in an admin_users table) can modify them. On the other hand, if only registered users should be able to view the contents of table A, then you may just need two user tables. Perhaps a simple script to synchronize them could be developed and run by cronjob.

Fractured Atlas :: Liberate the Artist
Services: Healthcare, Fiscal Sponsorship, Marketing, Education, The Emerging Artists Fund
Quote Reply
Re: [jaspercram] different access restrictions for one user table In reply to
Could this work?

What if I would hide the add and modify options in the templates for some tables and write pre-add and pre-modify plugins to verify that knowone is editing these tables by creating own parameter list?

Hope you understand what I am talking about. I am not sre if I do myself... Crazy

Jasper

http://www.bookings.org
Quote Reply
Re: [jaspercram] different access restrictions for one user table In reply to
In Reply To:
Could this work?

What if I would hide the add and modify options in the templates for some tables and write pre-add and pre-modify plugins to verify that knowone is editing these tables by creating own parameter list?

Hope you understand what I am talking about. I am not sre if I do myself... Crazy

Jasper


I'm not sure I do understand... You can always "hide" links in templates, but that is only really a workable solution if you're positive that the script will only be used by benevolent, luddite users. A user who wanted to mess with your tables and had any familiarity with the script could always pass the information in the url directly - as in: http://www.yoursite.com/...x&do=modify_form. Probably not the best idea.

Where I get confused is when you start talking about pre-add and pre-modify plugins... I don't know what you mean by that or what it would be intended to accomplish. If you can explain a little more, I'm happy to try to work through it with you. (We DBManSQL users need to stick together - there aren't too many of us!) Wink

Fractured Atlas :: Liberate the Artist
Services: Healthcare, Fiscal Sponsorship, Marketing, Education, The Emerging Artists Fund
Quote Reply
Re: [hennagaijin] different access restrictions for one user table In reply to
In Reply To:
I'm not sure I do understand... You can always "hide" links in templates, but that is only really a workable solution if you're positive that the script will only be used by benevolent, luddite users. A user who wanted to mess with your tables and had any familiarity with the script could always pass the information in the url directly - as in: http://www.yoursite.com/cgi-bin/ db.cgi?db=xxx&do=modify_form. Probably not the best idea.
Right! I wanted to solve that problem by using plugins.

In Reply To:
Where I get confused is when you start talking about pre-add and pre-modify plugins... I don't know what you mean by that or what it would be intended to accomplish.
I have never written GT prugins before, so I am not sure where I am talking about. Unsure I got my info from the help pages of Links SQL on plugins. It is explained there that plugins are called before and after certain GT actions (like adding, deleting and modifying records). In these plugins, you can specify whether the action itself should be executed or not. So my idea was, to check in the plugin if the current user has the right to do the requested action on the specified table.

I am not sure if this is more clear than my previous posting.... Crazy

Jasper

http://www.bookings.org
Quote Reply
Re: [jaspercram] different access restrictions for one user table In reply to
I've never written a GT plugin before either! Part of the problem is that we're using DBManSQL. I just recently purchased LinksSQL and it seems to have a ton more documentation on plugins, I just haven't had time yet to sort through it all and figure out how to apply it to DBManSQL. The good news is that the basic logic and processes should be more or less the same.

I do have a better understanding of what you're talking about. I think that should definitely be possible with a plugin. You could either add an additional field to your users database, which the plugin could reference, or you could have the plugin force users to have admin permissions to add or modify anything on that one table.

I do think that's the way to go - I just wish I had more information for you about the plugin-writing-process itself! I'm going to be trying to write some simple DBManSQL plugins soon and I'll post them to the Development, Plugins, and Globals board when I do. Hopefully you can do the same, and maybe DBManSQL will slowly start to have a bigger knowledge base for future new users to benefit from.

Fractured Atlas :: Liberate the Artist
Services: Healthcare, Fiscal Sponsorship, Marketing, Education, The Emerging Artists Fund
Quote Reply
Re: [jaspercram] different access restrictions for one user table In reply to
Moderators, can you give a suggestion how to do this?

BTW, the manual mentiones on page 4 under the heading Flexible Authentication that it is possible to get the usernames and passwords from different locations. How would that be implemented?

http://www.bookings.org

Last edited by:

jaspercram: Oct 14, 2002, 3:59 AM
Quote Reply
Re: [jaspercram] different access restrictions for one user table In reply to
Hi,

There is no way to handle this issue with DBMan SQL which is the custom job.

TheStone.

B.
Quote Reply
Re: [TheStone] different access restrictions for one user table In reply to
Are you sure? It is advertised as one of the main features of DBMan SQL on your site (see http://www.gossamer-threads.com/...man-sql/features.htm):
Quote:
Flexible Authentication
You don't need yet another user database to run DBMan SQL, we have plugins that allow you to integrate DBMan SQL seamlessly into other applications. For instance, you can have DBMan SQL authenticate users off of an existing Web Forum, a Secure ID system, an LDAP server, or any other data source. All that is involved is creating a simple plugin.

I really hope your website speaks the truth as I could really use this feature!Unsure

Bye, Jasper

http://www.bookings.org